Add EAB Config options (#101)

2026-01-11 04:28:28 +00:00 · 2022-08-22 12:26:01 +02:00 · 2022-08-22 12:26:01 +02:00 · d00dc597d1
commit d00dc597d1
parent 769911d4f8
5 changed files with 26 additions and 2 deletions
--- a/charts/caddy-ingress-controller/README.md
+++ b/charts/caddy-ingress-controller/README.md
@ -53,6 +53,8 @@ The command removes all the Kubernetes components associated with the chart and
 | image.tag | string | `"latest"` |  |
 | imagePullSecrets | list | `[]` |  |
 | ingressController.config.acmeCA | string | `""` |  |
+| ingressController.config.acmeEABKeyId | string | `""` |  |
+| ingressController.config.acmeEABMacKey | string | `""` |  |
 | ingressController.config.debug | bool | `false` |  |
 | ingressController.config.email | string | `""` |  |
 | ingressController.config.metrics | bool | `true` |  |
--- a/charts/caddy-ingress-controller/values.schema.json
+++ b/charts/caddy-ingress-controller/values.schema.json
@ -110,6 +110,14 @@
                }
              ]
            },
+            "acmeEABKeyId": {
+              "$id": "#/properties/ingressController/properties/config/properties/acmeEABKeyId",
+              "type": "string"
+            },
+            "acmeEABMacKey": {
+              "$id": "#/properties/ingressController/properties/config/properties/acmeEABMacKey",
+              "type": "string"
+            },
            "debug": {
              "$id": "#/properties/ingressController/properties/config/properties/debug",
              "type": "boolean"
--- a/charts/caddy-ingress-controller/values.yaml
+++ b/charts/caddy-ingress-controller/values.yaml
@ -25,6 +25,8 @@ ingressController:
  classNameRequired: false
  leaseId: ""
  config:
+    acmeEABKeyId: ""
+    acmeEABMacKey: ""
    # -- Acme Server URL
    acmeCA: ""
    debug: false
--- a/internal/caddy/global/configmap.go
+++ b/internal/caddy/global/configmap.go
@ -2,11 +2,13 @@ package global

 import (
 	"encoding/json"
+
 	caddy2 "github.com/caddyserver/caddy/v2"
 	"github.com/caddyserver/caddy/v2/caddyconfig"
 	"github.com/caddyserver/caddy/v2/modules/caddytls"
 	"github.com/caddyserver/ingress/pkg/converter"
 	"github.com/caddyserver/ingress/pkg/store"
+	"github.com/mholt/acmez/acme"
 )

 type ConfigMapPlugin struct{}
@ -39,6 +41,13 @@ func (p ConfigMapPlugin) GlobalHandler(config *converter.Config, store *store.St
 			acmeIssuer.CA = cfgMap.AcmeCA
 		}

+		if cfgMap.AcmeEABKeyId != "" && cfgMap.AcmeEABMacKey != "" {
+			acmeIssuer.ExternalAccount = &acme.EAB{
+				KeyID:  cfgMap.AcmeEABKeyId,
+				MACKey: cfgMap.AcmeEABMacKey,
+			}
+		}
+
 		if cfgMap.Email != "" {
 			acmeIssuer.Email = cfgMap.Email
 		}
--- a/pkg/store/configmap_parser.go
+++ b/pkg/store/configmap_parser.go
@ -1,18 +1,21 @@
 package store

 import (
+	"reflect"
+	"time"
+
 	"github.com/caddyserver/caddy/v2"
 	"github.com/mitchellh/mapstructure"
 	"github.com/pkg/errors"
 	apiv1 "k8s.io/api/core/v1"
-	"reflect"
-	"time"
 )

 // ConfigMapOptions represents global options set through a configmap
 type ConfigMapOptions struct {
 	Debug                     bool           `json:"debug,omitempty"`
 	AcmeCA                    string         `json:"acmeCA,omitempty"`
+	AcmeEABKeyId              string         `json:"acmeEABKeyId,omitempty"`
+	AcmeEABMacKey             string         `json:"acmeEABMacKey,omitempty"`
 	Email                     string         `json:"email,omitempty"`
 	ExperimentalSmartSort     bool           `json:"experimentalSmartSort,omitempty"`
 	ProxyProtocol             bool           `json:"proxyProtocol,omitempty"`